About “HackTool.PasswordCracker” infection

The HackTool.PasswordCracker is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What HackTool.PasswordCracker virus can do?

Unconventionial language used in binary resources: Russian
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine HackTool.PasswordCracker?


File Info:
name: 5712E50B91E76959D32B.mlw
path: /opt/CAPEv2/storage/binaries/64f1e7c70708d6421a95877dfcf91fa819fa85a6912384829ec528097e6ee0f3
crc32: 52912110
md5: 5712e50b91e76959d32b5794fbbd90e9
sha1: 936d99dde8aa3bfe70d5e9d06ad893b00e92f9de
sha256: 64f1e7c70708d6421a95877dfcf91fa819fa85a6912384829ec528097e6ee0f3
sha512: 3236def90f2b8072ae54ab64372c2f1b5237f7b966c1c11ed3fe9e09693fef066c94d8d42ee87142604582a024798102fa7524abf11404bdac6cc1e69546df95
ssdeep: 6144:PyM9608MABic5kVrxmPL0WFIoa8A+8kO/C79ROE40KOc2iB3pJzPf5rdJq0JX6WQ:6M96JMABd5arcPH8kESc22H5JJdJlRv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F5B46C22B3B04473C1772A389C1B97AD683AFD10392999866FF53D4C5F38281797B297
sha3_384: 61870d1bdb246a1ab6979f8aa55fe730fbe1c0c6c36b735e466a0134364dd3cf4d797d6b5d8e22f3c324f2ec9cc6a56d
ep_bytes: 558bec83c4f0b894344600e81427faff
timestamp: 1992-06-19 22:22:17

Version Info:
CompanyName: FC Soft
FileDescription: Recover NT passwords
FileVersion: 1.2.0.0
InternalName: NT Passworder
LegalCopyright: FC Soft Copyright (C) 2002-2004
LegalTrademarks: FC Soft
OriginalFilename: NTPassworder.exe
ProductName: NT Passworder
ProductVersion: 1.2.0.0
Translation: 0x0409 0x04e4

HackTool.PasswordCracker also known as:

Lionic	Trojan.Win32.Generic.4!c
Malwarebytes	HackTool.PasswordCracker
Sangfor	Trojan.Win32.Agent.V5sl
K7AntiVirus	Trojan ( 7000000f1 )
K7GW	Trojan ( 7000000f1 )
VirIT	Trojan.Win32.Generic.EJK
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/PSWTool.NTPassworder.A potentially unsafe
APEX	Malicious
NANO-Antivirus	Riskware.Win32.PWTool.icsa
SUPERAntiSpyware	Trojan.Agent/Generic
Sophos	Mal/Generic-S
DrWeb	Tool.PassSteel.1057
Zillya	Tool.Delf.Win32.1667
McAfee-GW-Edition	BehavesLike.Win32.ObfuscatedPoly.gh
Jiangmin	PSWTool.NtPass.a
Webroot	W32.Malware.Gen
Google	Detected
Antiy-AVL	Trojan[PSWTool]/Win32.Delf
Microsoft	Trojan:Win32/Ditertag.A
McAfee	PWCrack.a-NTPass
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H06EG23
Rising	Trojan.Generic@AI.80 (RDMK:u2mh0erfQsKyPu/ue/oqOQ)
Ikarus	not-a-virus:PSWTool.Win32.Delf
MaxSecure	Trojan.Malware.1108257.susgen
Fortinet	Riskware/NTPassworder
DeepInstinct	MALICIOUS

How to remove HackTool.PasswordCracker?

HackTool.PasswordCracker removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X